US9864629B2 (Active, Utility)

Real-time code and data protection via CPU transactional memory support

Assignee: MCAFEE INC
Priority: Dec 23, 2014
Filed: Oct 28, 2016
Granted: Jan 9, 2018
Est. expiry: Dec 23, 2034 (~8.5 yrs left); nominal 20-yr term from priority
Inventors: MUTTIK IGOR; NAYSHTUT ALEX; BULYGIN YURIY; FURTAK ANDREW A; DEMENTIEV ROMAN
CPC: G06F 12/1475; G06F 9/467; G06F 2212/1052; G06F 21/56

PatentIndex Score: 50
Cited by: 0
References: 9
Claims: 25

Abstract

A technique allows for memory bounds checking for dynamically generated code by using transactional memory support in a processor. The memory bounds checking includes creating output code, identifying read-only memory regions in the output code and creating a map that is provided to a security monitoring thread. The security monitoring thread executes as a transaction and determines if a transactional conflict occurs to the read-only memory region during parallel execution of a monitored thread in the output code.
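The abstract gives the monitoring scheme only in outline. The C model below is an added example, not the patent's or any vendor's code: a shared memory map lists the read-only regions, the security assistance thread reads them as the read set of a transaction, and a store by the monitored thread into that read set surfaces as a transactional conflict. On Intel RTM hardware (_xbegin/_xend) the conflicting store aborts the transaction asynchronously; the model emulates the abort by validating a snapshot at commit time so it runs without TSX, and the region layout, MEM_SIZE and all function names are assumptions.

```c
/* Model of the monitoring scheme from the abstract (added example, not
 * the patent's own code). Security thread = tx_begin/tx_commit over the
 * read-only regions listed in a shared memory map; monitored thread =
 * a plain store into `mem`. Intel RTM (_xbegin/_xend) would abort the
 * transaction asynchronously on a conflicting write; here the abort is
 * emulated by validating a snapshot at commit, so it runs anywhere. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define MEM_SIZE    64          /* assumed size of the output-code memory */
#define MAX_REGIONS 4

struct region { size_t start, len; };
struct memory_map { struct region ro[MAX_REGIONS]; int count; };  /* in shared memory */
struct tx { uint8_t snapshot[MEM_SIZE]; };   /* the security thread's read set */

/* Transaction begin: the security thread reads every read-only region. */
static void tx_begin(struct tx *t, const uint8_t *mem, const struct memory_map *m)
{
    for (int i = 0; i < m->count; i++)
        memcpy(t->snapshot + m->ro[i].start, mem + m->ro[i].start, m->ro[i].len);
}

/* Commit succeeds only if the read set is untouched. Caveat of the software
 * model: a write that stores the identical bytes back is not detected. */
static bool tx_commit(const struct tx *t, const uint8_t *mem, const struct memory_map *m)
{
    for (int i = 0; i < m->count; i++)
        if (memcmp(t->snapshot + m->ro[i].start, mem + m->ro[i].start, m->ro[i].len))
            return false;       /* transactional conflict */
    return true;
}

/* One monitoring interval: the monitored thread stores `value` at `addr` while
 * the security thread's transaction is open. Returns true on a boundary
 * violation, i.e. the monitored thread should be terminated rather than
 * its changes committed. Regions [0,16) and [48,64) are the assumed RO map. */
bool monitor_interval(size_t addr, uint8_t value)
{
    uint8_t mem[MEM_SIZE] = {0};
    struct memory_map map = { .ro = { {0, 16}, {48, 16} }, .count = 2 };
    struct tx t;
    tx_begin(&t, mem, &map);
    if (addr < MEM_SIZE) mem[addr] = value;     /* monitored thread's write */
    return !tx_commit(&t, mem, &map);
}
```

A store into the writable gap [16,48) commits cleanly; a store into either read-only region is reported as a violation.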

Claims

exact text as granted — not AI-modified
What is claimed is:

1. A non-transitory machine readable medium, on which are stored instructions, comprising instructions that when executed cause a machine to:
   create output code from input code;
   identify read-only memory regions to be accessed during execution of the output code;
   create a memory map for the read-only memory regions in shared memory; and
   monitor the read-only memory regions for a transactional conflict.

2. The machine readable medium of claim 1, wherein the instructions that when executed cause the machine to monitor the read-only memory regions comprise instructions that when executed cause the machine to determine whether a boundary violation has occurred to the read-only memory regions.

3. The machine readable medium of claim 2, wherein the instructions that when executed cause the machine to determine the boundary violation further comprise instructions that when executed cause the machine to determine if the same read-only memory region is read by at least one security assistance thread and a monitored thread.

4. The machine readable medium of claim 2, wherein the instructions that when executed cause the machine to determine the boundary violation further comprise instructions that when executed cause the machine to determine if the same read-only memory region is read by at least one security assistance thread and written by a monitored thread.

5. The machine readable medium of claim 2, wherein the instructions further comprise instructions that when executed cause the machine to commit changes to memory responsive to determining that the boundary violation has not occurred.

6. The machine readable medium of claim 2, wherein the instructions further comprise instructions that when executed cause the machine to terminate execution of a monitored thread responsive to determining that the boundary violation has occurred.

7. The machine readable medium of claim 1, wherein the instructions that when executed cause the machine to monitor the read-only memory regions further comprise instructions that when executed cause the machine to monitor the read-only memory regions using transactional memory support.

8. The machine readable medium of claim 1, wherein the instructions that when executed cause the machine to create the memory map further comprise instructions that when executed cause the machine to execute at least one security assistance thread as a transaction.

9. The machine readable medium of claim 1, wherein the instructions further comprise instructions that when executed cause the machine to execute a monitored thread in the output code.

10. A method for code and data protection, comprising:
   creating output code from input code;
   identifying read-only memory regions to be accessed during execution of the output code;
   creating a memory map for the read-only memory regions in shared memory; and
   monitoring the read-only memory regions for a transactional conflict.

11. The method of claim 10, further comprising determining whether a boundary violation has occurred to the read-only memory regions.

12. The method of claim 11, further comprising determining if the same read-only memory region is read by at least one security assistance thread and a monitored thread.

13. The method of claim 11, further comprising determining if the same read-only memory region is read by at least one security assistance thread and written by a monitored thread.

14. The method of claim 11, further comprising committing changes to memory responsive to determining that the boundary violation has not occurred.

15. The method of claim 11, further comprising terminating execution of a monitored thread responsive to determining that the boundary violation has occurred.

16. The method of claim 10, further comprising monitoring the read-only memory regions using transactional memory support.

17. The method of claim 10, further comprising executing at least one security assistance thread as a transaction.

18. A computer system for code and data protection, comprising:
   one or more processors; and
   a memory coupled to the one or more processors, on which are stored instructions, comprising instructions that when executed cause one or more of the processors to:
      create output code from input code;
      identify read-only memory regions to be accessed during execution of the output code;
      create a memory map for the read-only memory regions in shared memory; and
      monitor the read-only memory regions for a transactional conflict.

19. The computer system of claim 18, wherein the instructions further comprise instructions that when executed cause one or more of the processors to determine whether a boundary violation has occurred to the read-only memory regions.

20. The computer system of claim 19, wherein the instructions further comprise instructions that when executed cause one or more of the processors to determine if the same read-only memory region is read by at least one security assistance thread and a monitored thread.

21. The computer system of claim 19, wherein the instructions further comprise instructions that when executed cause one or more of the processors to determine if the same read-only memory region is read by at least one security assistance thread and written by a monitored thread.

22. The computer system of claim 19, wherein the instructions further comprise instructions that when executed cause one or more of the processors to commit changes to memory responsive to determining that the boundary violation has not occurred.

23. The computer system of claim 19, wherein the instructions further comprise instructions that when executed cause one or more of the processors to terminate execution of a monitored thread responsive to determining that the boundary violation has occurred.

24. The computer system of claim 18, wherein the instructions further comprise instructions that when executed cause one or more of the processors to monitor the read-only memory regions using transactional memory support.

25. The computer system of claim 18, wherein the instructions further comprise instructions that when executed cause one or more of the processors to execute at least one security assistance thread as a transaction.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.